CVE-2024-2635
HIGHDescription
The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Instead of rewriting these pages to avoid this vulnerability, they will be dismissed from future releases of Cegid Meta4 HR, as they do not offer product functionality
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2024-2635? +
How severe is CVE-2024-2635? +
How do I check if I'm vulnerable to CVE-2024-2635? +
Related Vulnerabilities
Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by …
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors …
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an …
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects …
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects …
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function …